Tag: privacy

In February the New York Times hosted the New Work Summit, a conference that explored the opportunities and risks associated with the emergence of artificial intelligence across all aspects of society. Attendees worked in groups to compile a list of recommendations for building and deploying ethical artificial intelligence, the results of which are listed below.

Transparency: Companies should be transparent about the design, intention and use of their A.I. technology.

Disclosure: Companies should clearly disclose to users what data is being collected and how it is being used.

Privacy: Users should be able to easily opt out of data collection.

Diversity: A.I. technology should be developed by inherently diverse teams.

Bias: Companies should strive to avoid bias in A.I. by drawing on diverse data sets.

Trust: Organizations should have internal processes to self-regulate the misuse of A.I. Have a chief ethics officer, ethics board, etc.

Accountability: There should be a common set of standards by which companies are held accountable for the use and impact of their A.I. technology.

Collective governance: Companies should work together to self-regulate the industry.

Regulation: Companies should work with regulators to develop appropriate laws to govern the use of A.I.

“Complementarity”: Treat A.I. as tool for humans to use, not a replacement for human work.

The list of recommendations seems reasonable enough on the surface, although I wonder how practical they are given the business models of the companies most active in developing AI-based systems. As long as Google, Microsoft, Facebook, etc. are generating the bulk of their revenue from advertising that’s powered by the data we give them, they have little incentive to be transparent, to disclose, to be regulated, etc. If we opt our data out of the AI training pool, the AI is more susceptible to bias and less useful/accurate, so having more data is usually better for algorithm development. And having internal processes to build trust? That seems odd.

However, even though it’s easy to find issues with all of these recommendations it doesn’t mean that they’re not useful. The more of these kinds of conversations we have, the more likely it is that we’ll figure out a way to have AI that positively influences society.

The developmental track of AI is a problem, and every one of us has a stake. You, me, my dad, my next-door neighbor, the guy at the Starbucks that I’m walking past right now. So what should everyday people do? Be more aware of who’s using your data and how. Take a few minutes to read work written by smart people and spend a couple minutes to figure out what it is we’re really talking about. Before you sign your life away and start sharing photos of your children, do that in an informed manner. If you’re okay with what it implies and what it could mean later on, fine, but at least have that knowledge first.

I agree that we all have a stake in the outcomes of the introduction of AI-based systems, which means that we all have a responsibility in helping to shape it. While most of us can’t be involved in writing code for these systems, we can all be more intentional about what data we provide to companies working on artificial intelligence and how they use that data (on a related note, have you ever wondered just how much data is being collected by Google, for example?). Here are some of the choices I’ve made about the software that I use most frequently:

Mobile operating system: I run LineageOS on my phone and tablet, which is based on Android but is modified so that the data on the phone stays on the phone i.e. is not reported back to Google.

Desktop/laptop operating system: I’ve used various Ubuntu Linux distributions since 2004, not only because Linux really is a better OS (faster, cheaper, more secure, etc.) but because open-source software is more trustworthy.

Browser: I switched from Chrome to Firefox with the release of Quantum, which saw Firefox catch up in performance metrics. With privacy as the default design consideration, it was an easy move to make. You should just switch to Firefox.

Email: I’ve looked around – a lot – and can’t find an email provider to replace Gmail. I use various front-ends to manage my email on different devices but that doesn’t get me away from the fact that Google still processes all of my emails on the back-end. I could pay for my email service provider – and there do seem to be good options – but then I’d be paying for email.

Search engine: I moved from Google Search to DuckDuckGo about a year ago and can’t say that I miss Google Search all that much. Every now and again I do find that I have to go to Google, especially for images.

Photo storage: Again, I’ve looked around for alternatives but the combination of the free service, convenience (automatic upload of photos taken on my phone), unlimited storage (for lower res copies) and the image recognition features built into Google Photos make this very difficult to move away from.

To do list: I’ve used Todoist and Any.do on and off for years but eventually moved to Todo.txt because I wanted to have more control over the things that I use on a daily basis. I like the fact that my work is stored in a text file and will be backwards compatible forever.

Note taking: I use a combination of Simplenote and Qownnotes for my notes. Simplenote is the equivalent of sticky notes (short-term notes that I make on my phone and delete after acting on them), and Qownnotes is for long-form note-taking and writing that stores notes as text files. Again, I want to control my data and these apps give me that control along with all of the features that I care about.

Maps: Google Maps is without equal and is so far ahead of anyone else that it’s very difficult to move away from. However, I’ve also used Here We Go on and off and it’s not bad for simple directions.

From the list above you can see that I pay attention to how my data is stored, shared and used, and that privacy is important to me. I’m not unsophisticated in my use of technology and I still can’t get away from Google for email, photos, and maps, arguably the most important data gathering services that the company provides. Maybe there’s something that I’m missing out but companies like Google, Facebook, Amazon and Microsoft are so entangled in everything that we care about, I really don’t see a way to avoid using their products. The suggestion that users should be more careful about what data they share, and who they share it with, is a useful thought experiment but the practical reality is that it would very difficult indeed to avoid these companies altogether.

Like this:

Google offers an option to download all of the data it stores about you. I’ve requested to download it and the file is 5.5GB big, which is roughly 3m Word documents. This link includes your bookmarks, emails, contacts, your Google Drive files, all of the above information, your YouTube videos, the photos you’ve taken on your phone, the businesses you’ve bought from, the products you’ve bought through Google.

They also have data from your calendar, your Google hangout sessions, your location history, the music you listen to, the Google books you’ve purchased, the Google groups you’re in, the websites you’ve created, the phones you’ve owned, the pages you’ve shared, how many steps you walk in a day…

I’ve been thinking about all the reasons that support my decision to move as much of my digital life as possible into platforms and services that give me more control over how my personal data is used. Posts like this are really just reminders for me to remember what to include, and why I’m doing this. It’s not easy to move away from Google, Facebook, Amazon, Apple and Twitter but it may just be worth it.

Share this:

Like this:

A good question to ask yourself when evaluating your apps is “why does this app exist?” If it exists because it costs money to buy, or because it’s the free app extension of a service that costs money, then it is more likely to be able to sustain itself without harvesting and selling your data. If it’s a free app that exists for the sole purpose of amassing a large amount of users, then chances are it has been monetized by selling data to advertisers.

This is a useful heuristic for making quick decisions about whether or not you should have that app installed on your phone. Another good rule of thumb: “If you’re not paying for the product then you are the product.” Your personal data is worth a lot to companies who are either going to use it to refine their own AI-based platforms (e.g. Google, Facebook, Twitter, etc.) or who will sell your (supposedly anonymised) data to those companies. This is how things work now…you give them your data (connections, preferences, brand loyalty, relationships, etc.) and they give you a service “for free”. But as we’re seeing more and more, it really isn’t free. This is especially concerning when you realise how often your device and apps are “phoning home” with reports about you and your usage patterns, sometimes as frequently as every 2 seconds.

On a related note, if you’re interested in a potential technical solution to this problem you may want to check out Solid (social linked data) by Tim Berners-Lee, which will allow you to maintain control of your personal information but still share it with 3rd parties under conditions that you specify.

The paper describes how algorithm design (including training) can be shared across different organisations without each having access to each other’s resources.

This has important implications for the development of AI-based health applications, in that hospitals and other service providers need not share raw patient data with companies like Google/DeepMind. Health organisations could do the basic algorithm design in-house with the smaller, local data sets and then send the algorithm to organisations that have the massive data sets necessary for refining the algorithm, all without exposing the initial data and protecting patient privacy.

Like this:

I’m going to be presenting at The Network: Towards Unity for Health conference in Fortaleza, Brazil later this year and so my reading has largely been focused around what I’m thinking of talking about. I haven’t formalised the structure of the presentation yet but will probably publish it here as I figure out what I want to do.

Public is not simply defined. Public is not just what can be viewed by others, but a fragile set of social conventions about what behaviors are acceptable and appropriate. There are people determined to profit from expanding and redefining what’s public, working to treat nearly everything we say or do as a public work they can exploit. They may succeed before we even put up a fight.

….

What if the public speech on Facebook and Twitter is more akin to a conversation happening between two people at a restaurant? Or two people speaking quietly at home, albeit near a window that happens to be open to the street? And if more than a billion people are active on various social networking applications each week, are we saying that there are now a billion public figures? When did we agree to let media redefine everyone who uses social networks as fair game, with no recourse and no framework for consent?

….

The business models of some of the most powerful forces in society are increasingly dependent on our complicity in making our conversations, our creations, and our communities public whenever they can exploit them. Given that reality, understanding exactly what “public” means is the only way to protect the public’s interest.

What is privacy? (danah boyd): Think of this piece as an extension of the piece above, where boyd unpacks the notion of privacy in the context of “public” that Anil Dash wrote about.

The very practice of privacy is all about control in a world in which we fully know that we never have control. Our friends might betray us, our spaces might be surveilled, our expectations might be shattered. But this is why achieving privacy is desirable. People want to be *in* public, but that doesn’t necessarily mean that they want to *be* public. There’s a huge difference between the two. As a result of the destabilization of social spaces, what’s shocking is how frequently teens have shifted from trying to restrict access to content to trying to restrict access to meaning. They get, at a gut level, that they can’t have control over who sees what’s said, but they hope to instead have control over how that information is interpreted. And thus, we see our collective imagination of what’s private colliding smack into the notion of public. They are less of a continuum and more of an entwined hairball, reshaping and influencing each other in significant ways.

….

When powerful actors, be they companies or governmental agencies, use the excuse of something being “public” to defend their right to look, they systematically assert control over people in a way that fundamentally disenfranchises them. This is the very essence of power and the core of why concepts like “surveillance” matter. Surveillance isn’t simply the all-being all-looking eye. It’s a mechanism by which systems of power assert their power. And it is why people grow angry and distrustful. Why they throw fits over beingexperimented on. Why they cry privacy foul even when the content being discussed is, for all intents and purposes, public.

In this article I made a suggestion of what I believe to be a previously untheorised consequence of the large scale tracking of exercise activity by self-tracking devices such as Fitbit and Nike+ and related apps on smart phones.

My suggestion was that this kind of tracking is potentially transforming exercise activity into labour. By synthesising existing analyses of self-tracking and quantified self activities with theories of digital labour I proposed that by converting the physical movement of bodies during exercise into standardised measures which can be analysed, compared and accumulated on a large scale they are made amenable to the extraction of value.

….

Another study conducted by web analytics and privacy group Evidon commissioned by the Financial Times found that data was shared with nearly seventy companies by the twenty most popular health and fitness apps and some of these companies were advertising firms (see graphic below). Although the headline rhetoric often presents a concern for the privacy of users an analysis of the privacy policies of many of the most popular health and fitness tracking apps and devices most allowing “non-personally identifiable information” to be shared and many were ambiguous on whether they permitted sharing of user data.

When self-tracking was an activity limited to jotting notes down in a paper journal or diary, this information could easily be kept private. No-one else could know the finer details of one’s sleeping or bowel habits, sex life, diet, heart rate, body weight or efforts to give up smoking.

However when people use digital devices that connect to computing cloud storage facilities or developers’ data archives, the user no longer owns or control their own data. This personal and often very private information becomes part of vast digital data collections that are increasingly used by actors and agents in many different social domains.

Personal health and medical data is now used for much more than just gathering information on oneself for one’s own private reasons. This information is a commodity that can be used for commercial, managerial and governmental purposes and on-sold to third parties.

When Big Data allows us to automate decision-­making, or at least contextualize every decision with a trove of data about its likely consequences, we need to grapple with the question of just how much we want to leave to chance and to those simple, low-tech, unautomated options of democratic contestation and deliberation.

As we gain the capacity to predict and even pre-empt crises, we risk eliminating the very kinds of experimental behaviors that have been conducive to social innovation. Occasionally, someone needs to break the law, engage in an act of civil disobedience or simply refuse to do something the rest of us find useful. The temptation of Big Data lies precisely in allowing us to identify and make such loopholes unavailable to deviants, who might actually be dissidents in disguise.